Uploaded image for project: 'Calcite'
  1. Calcite
  2. CALCITE-5232

Upgrade protobuf-java from 3.17.1 to 3.21.5

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.31.0, avatica-1.22.0
    • 1.32.0, avatica-1.23.0
    • avatica, core
    • None

    Description

      Upgrade protobuf-java in Calcite and Avatica.

      Some scanning tools say that the current version, 3.17.1, is affected by CVE-2021-22569. It is not, but this upgrade makes those warnings go away.

      As for CALCITE-4626, we plan to upgrade both Avatica and Calcite, to keep them on the same protobuf-java version.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CALCITE-4626 Warning during build for JDK9+ projects due to com.google.protobuf.UnsafeUtil

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          links to

          Web Link Avatica dev branch

          Web Link Calcite dev branch

          Activity

            People

              julianhyde Julian Hyde
              julianhyde Julian Hyde
              Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: